CVE-2024-52435
CVSS 3.1 Score 7.2 of 10 (high)
Details
Published Nov 18, 2024
Updated: Nov 20, 2024
CWE ID 89
Summary
CVE-2024-52435 is an SQL Injection vulnerability affecting W3 Eden, Inc. Premium Packages. The issue arises from improper neutralization of special elements used in SQL commands, allowing an attacker to inject malicious SQL code. This vulnerability potentially impacts Premium Packages with versions from n/a to 5.9.3. Successful exploitation could lead to unauthorized access, data theft, or modification of database contents. Users are urged to update to a patched version as soon as possible to mitigate the risk.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share